Cyber Resilience

CVE-2024-0406

Severity: Medium
Published: 06 April 2024
Modified: 25 April 2025
KEV Added: not listed
CVSS v3.1 score: 6.1 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N)
EPSS score: 0.2206 (95.9th percentile)
Risk Priority: 25 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-0406 is a medium-severity path traversal (CWE-22) vulnerability in the mholt/archiver Go library. Its CVSS 3.1 base score is 6.1 (Medium).

Operationally, its EPSS score places it in the top 4.1% of CVEs by estimated exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2024-0406 is a path traversal flaw (CWE-22) in the mholt/archiver Go library. A specially crafted tar archive can make the library access or write files outside the intended extraction directory during unpacking, so an attacker can create or overwrite files with the privileges of the user or application performing the extraction. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N) gives a base score of 6.1: local attack vector, low attack complexity, no privileges required, user interaction required, low confidentiality impact and high integrity impact.

An attacker who can get a malicious tar file to a victim process can use the flaw to write files at attacker-chosen paths on the target system. Exploitation requires the target to unpack the archive with the affected library, and the flaw by itself grants neither remote code execution nor privileges beyond those of the extracting user; what can be reached depends on which files that user is allowed to overwrite.

Red Hat has published security advisories and errata that reference this CVE for affected products, including RHSA-2025:2449. The current EPSS score is 0.2206 and has not moved materially from its recorded peak.

Vulnerability details

A flaw was discovered in the mholt/archiver package. This flaw allows an attacker to create a specially crafted tar file, which, when unpacked, may allow access to restricted files or directories. This issue can allow the creation or overwriting of files with the user's or application's privileges using the library.

CWE(s)

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

mholt archiver: 3.0.0 to 4.0.0
Red Hat Advanced Cluster Security: 3.0
Red Hat OpenShift Container Platform: 4.18 to 4.18.4

Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the control below is derived from the weakness type (CWE-22) cited in the NVD entry.

Pathname validation (addresses CWE-22): validate entry pathnames and filenames so that extraction cannot traverse outside the intended directory.
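As an added example of the pathname check described above and of the unpacking behaviour discussed in the deeper analysis (this is not code from mholt/archiver, from Red Hat, or from this advisory), the following Go program uses only the standard library's archive/tar to show the naive path construction next to an extractor that refuses any entry name or symlink target resolving outside the destination. The function names, the constructed sample archive and its entry layout are assumptions made for this illustration.

```go
package main

import (
	"archive/tar"
	"bytes"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
)

// ErrTraversal is returned for any entry whose resolved path leaves dest.
var ErrTraversal = errors.New("tar entry escapes destination directory")

// naiveJoin is the vulnerable pattern: Join cleans "../../x" to a path above dest.
func naiveJoin(dest, name string) string { return filepath.Join(dest, name) }

// safeJoin resolves name under dest, refusing absolute names and names that climb
// above dest (the CWE-22 check); filepath.IsLocal (Go 1.20+) does the lexical test.
func safeJoin(dest, name string) (string, error) {
	if !filepath.IsLocal(name) {
		return "", ErrTraversal
	}
	return filepath.Join(dest, name), nil
}

// extractTar unpacks an in-memory tar into dest, checking every entry name and
// symlink target with safeJoin before touching the filesystem. The first offending
// entry aborts extraction and the paths written so far come back with the error.
// Parent directories are created on demand; hard links, devices and other entry
// types are skipped by this example.
func extractTar(archive []byte, dest string) ([]string, error) {
	tr := tar.NewReader(bytes.NewReader(archive))
	var written []string
	for {
		hdr, err := tr.Next()
		if errors.Is(err, io.EOF) {
			return written, nil
		}
		if err != nil {
			return written, err
		}
		target, err := safeJoin(dest, hdr.Name)
		if err != nil {
			return written, fmt.Errorf("entry %q: %w", hdr.Name, err)
		}
		switch hdr.Typeflag {
		case tar.TypeReg:
			var f *os.File
			if err = os.MkdirAll(filepath.Dir(target), 0o755); err != nil {
				break
			}
			if f, err = os.OpenFile(target, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0o644); err != nil {
				break
			}
			_, err = io.Copy(f, tr) // tar.Reader bounds the copy to hdr.Size
			f.Close()
			written = append(written, target)
		case tar.TypeSymlink:
			// A relative link target resolves from the link's own directory. An absolute
			// one would be silently relativised by Join, so it is refused first.
			if filepath.IsAbs(hdr.Linkname) {
				err = ErrTraversal
			} else if _, err = safeJoin(dest, filepath.Join(filepath.Dir(hdr.Name), hdr.Linkname)); err == nil {
				err = os.Symlink(hdr.Linkname, target)
			}
		}
		if err != nil {
			return written, fmt.Errorf("entry %q: %w", hdr.Name, err)
		}
	}
}

// entry describes one header of a constructed sample archive.
type entry struct {
	name, link, body string
	typ              byte
}

// buildArchive assembles an in-memory tar from constructed entries.
func buildArchive(entries []entry) []byte {
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, e := range entries {
		h := &tar.Header{Name: e.name, Typeflag: e.typ, Linkname: e.link, Mode: 0o644, Size: int64(len(e.body))}
		if err := tw.WriteHeader(h); err != nil {
			panic(err)
		}
		io.WriteString(tw, e.body)
	}
	tw.Close()
	return buf.Bytes()
}

// maliciousArchive is a constructed sample, not a real exploit file: a benign entry,
// one that climbs out of dest, and a symlink pointing outside dest.
func maliciousArchive() []byte {
	return buildArchive([]entry{
		{name: "readme.txt", typ: tar.TypeReg, body: "hello\n"},
		{name: "../../escape.txt", typ: tar.TypeReg, body: "pwned\n"},
		{name: "link", typ: tar.TypeSymlink, link: "../../../etc/passwd"},
	})
}

func main() {
	dest, _ := os.MkdirTemp("", "extract-*")
	defer os.RemoveAll(dest)
	fmt.Println("naive path:", naiveJoin(dest, "../../escape.txt"))
	written, err := extractTar(maliciousArchive(), dest)
	fmt.Println("written:", written, "error:", err)
}
```

Running it prints the naive path (which has already left the temporary directory) and then an extraction that stops after readme.txt with an ErrTraversal for the second entry. Two points carry over to real extractors: the symlink target has to be resolved relative to the link's own directory and checked with the same rule, since an in-range link name with an out-of-range target is the usual way past a name-only check; and because dest may not be empty, a production extractor should also refuse to write through a symlink that already exists at the target (Lstat or O_NOFOLLOW), which this example omits. On Go versions before 1.20, filepath.Rel against the cleaned dest, rejecting results that start with "..", gives the same lexical test as filepath.IsLocal.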